Tuesday, September 09, 2008

Chrome and security

I read a blog on the security of Chrome, and it was stated that Chrome was build in isolation and consequently that a lot of vulnerabilities have to be seen as a consequence. I beg to differ for two reasons;
  • Chrome is using Webkit for its rendering and Chrome uses a lot of the Firefox code
  • Chrome explicitly has a different architecture in order to allow for improved security
There are two types of vulnerabilities, typically people only talk about those vulnerabilities that have to do with hackers, phishing and the likes. More people have to deal with their software being vulnerable to crashes or slowdowns. This is where Chrome makes an important difference. With Chrome it is one session that takes the hit, the sessions behind other tabs are to continue unhindered. These vulnerabilities are part and parcel of what security is also about.

When a new browser becomes available as beta software, it is not necessarily complete, it may still have issues. It is nice when security issues are identified, this will help the quality of the product improve. But the general trust of the blog is narrow minded, it misses the point of Chrome.

No comments: